Microsoft 365 Native External Sender Security Feature – Set-ExternalInOutlook

Kris WilkinsonDecember 16, 2022

Cyber-Security Advisories Cyber-Security News/Blog Knowledge Base (KB) SIRKit News Technical Pro-tips and How-to

We’re all annoyed by spam and spoofed e-mails (impersonation attempts). While most of it is harmless and fake, incorrectly opened attachments or links may lead to security incidents like ransomware or network breaches. As aggressive and thorough as Microsoft is with inbound e-mail scanning, it’s reasonable to assume a small percentage of malicious e-mails will make it past their defences when they’re up against the entire planet.

As a Security First MSP, we constantly look for the best ways to protect our partners. Most threats originate from the outside world, and 95 percent of all cyber-security breaches are caused by human error. Therefore, helping your team understand when an e-mail is legitimately from an external party is extremely important.

We’re excited to announce Microsoft’s official Native External Sender Security feature. There is no cost for the service if you already have Microsoft 365 mailboxes; you simply need to enable it for your organization. The new service automatically identifies external senders and provides a simple and effective warning message directly in Outlook. You no longer need to create transport rules or use scripts to embed a warning.

Things to know

  • SIRKit now uses the Native External Sender Security Feature for all clients to protect their systems
  • The warning message works with Microsoft Outlook only (including the Web, Desktop, or Mobile editions)
  • We highly recommend using Microsoft Outlook on all devices instead of other mail applications. Microsoft continues to incorporate better compatibility, functionality and security into Outlook that is unavailable on other platforms. Seriously, start using Outlook.

What does it look like?

Microsoft Outlook (Desktop Software)

Microsoft Outlook (Mobile App)

Microsoft Outlook (Webmail)

External Sender - Outlook

How to set it up?

SIRKit’s Managed IT partners don’t need to apply the change. We’ve already gone ahead and done it for you. Enjoy!
For everyone else, have your IT team follow this article: Set-ExternalInOutlook (ExchangePowerShell) | Microsoft Learn. If you don’t have a trusted IT team to work with, you’re welcome to reach out to us. For 15 years, we’ve helped businesses around Canada protect their teams. Our internal teams go way beyond the fundamentals to protect our partners. We enjoy the heavy lifting and building long-term relationships; It’s easier than you think with the right partner.